CVE-2026-20896 lets reachable Gitea Docker containers trust spoofed X-WEBAUTH-USER headers when reverse proxy auth is enabled ...
Threat actors are exploiting a vulnerability in Gitea’s reverse-proxy authentication mechanism to access internet-accessible instances by supplying only a valid username.
Louis Mastelinck previews common Entra ID pitfalls around authentication, Conditional Access, privilege and app consent.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results